A great deal of data and productivity is lost every day by users of computers and other devices with embedded processors and data storage due to a variety of malicious processes, typically running on a user machine without the user's knowledge or permission and accessing or altering user data in system memory or on attached data storage devices, likewise without the user's knowledge or permission. These malicious processes are collectively known as malware, and are given a variety of specific names according to the nature of their function: viruses, spyware (“spybots”), adware, and the like. Some forms of malware alter, add, or delete user data; others merely gain access to confidential user information or record user activity. Users are tricked into loading such malicious data and processes, and/or into allowing malicious or unauthorized access to data (as in phishing, where a fraudulent message lures the user into disclosing credentials or running an attachment), by means of whatever communications paths are available, including removable data storage media and network connections. The resulting financial losses can be measured in billions of dollars, and an entire industry has developed to combat the problem.
Prior art systems provide limited means of segregating and protecting user data and processes from malicious access. Protection can be provided by completely isolating a system, allowing no data to be loaded from the outside after factory setup and providing no network connections of any sort. Alternatively, certain data storage devices are provided with software and/or hardware means to designate some or all of the storage space as “read-only.” For example, many optical disks can be configured to forbid alteration or deletion of stored data once written. Floppy disks are provided with a hardware “switch” (a mechanical flag) which signals the disk drive that the stored data are read only. Some semiconductor memory devices are read-only by construction (“ROM,” or “read-only memory”), or can be write-protected once programmed. These devices can be loaded with malware-free data in a secure environment, and the data thereafter remain in a read-only state, which preserves the integrity of the data (though not its confidentiality: read-only data can still be read by a malicious process). When applications are delivered on such devices, however, the application is often “installed,” that is, copied from the secure device into read-write memory which is not safe from malicious attack. Users may perform such installations for reasons of access speed: read-write data storage devices typically have faster access times than read-only devices (for example, magnetic disks compared to optical disks). Users of a given application may also need to store new data. For example, a word processing application is designed to edit and create new data which must be stored in a writeable data storage device. A cell phone must be able to store a contact list of names and phone numbers. A navigation system typically stores information about routes traveled. Most applications must also store user configuration data that customizes the behavior of the application for the user and the particular hardware and software environment, and/or records use history.
While read-write data storage is convenient to use for all these reasons, it is vulnerable to unauthorized alteration, deletion, and access. Operating systems typically provide a permission mechanism to control access, at least at the file system level. Such permissions are enforced in software by the operating system itself, however, and remain vulnerable to determined malicious attack: a malicious process running with the user's own privileges may read or modify whatever that user may, and various means have been devised to circumvent the file permission mechanism altogether, for example by exploiting a flaw in the operating system to obtain administrative privileges. A common approach to protecting a system from malicious attack has been to install additional software: “antivirus” software as well as similar protection software to detect and remove adware and spyware and to protect from phishing attacks. Such software packages typically look for an identifiable signature of known malware entities (a characteristic byte sequence or file hash) and respond accordingly by removing or sequestering the offending files or memory regions. These software packages must be updated frequently as new malware entities are developed, and significant system resources are required both to download the updates and to regularly scan all vulnerable data storage for possible infection. Further, when a new malware entity appears, or an existing one is merely modified so that its signature no longer matches, systems are vulnerable until an update to the protection software can be developed, distributed, installed, and run. Considerable damage can be done during this time interval.
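To make the signature-matching approach and its update gap concrete, here is an added example (not part of the original specification, and not any vendor's product code): a minimal scanner that matches files against a constructed signature database by whole-file hash or fixed byte pattern, sequesters detections, and is then run against a known sample, a trivially modified copy, and an obfuscated copy. All sample bytes and signature names are constructed for illustration; the "sample" is an inert byte string, not real malware.

```python
"""Minimal signature-based scanner (constructed example, Python 3.9+)."""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Signature:
    name: str
    kind: str    # "sha256": hash of the whole file; "bytes": fixed byte substring
    value: bytes


# Constructed stand-in for a malware sample (inert bytes, not real malware):
# a PE-style "MZ" header, padding, and a plaintext payload string a scanner
# could key on.
HEADER = b"MZ\x90\x00" + b"\x00" * 12
PAYLOAD = b"drop:C:\\Users\\*\\Documents\\*.docx"
KNOWN_SAMPLE = HEADER + PAYLOAD


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed signature database as it would ship in one "update".
SIGNATURES = [
    Signature("Constructed.Dropper.A", "sha256", sha256_hex(KNOWN_SAMPLE).encode()),
    Signature("Constructed.Dropper.Gen", "bytes", b"drop:C:\\Users\\*\\Documents"),
]


def scan(data: bytes, signatures) -> list:
    """Return the names of every signature matching data (empty = no detection)."""
    digest = sha256_hex(data).encode()
    hits = []
    for sig in signatures:
        if sig.kind == "sha256" and sig.value == digest:
            hits.append(sig.name)
        elif sig.kind == "bytes" and sig.value in data:
            hits.append(sig.name)
    return hits


def sweep(files: dict, signatures):
    """Scan every file; detections are sequestered (quarantined), the rest left in place."""
    clean, quarantined = {}, {}
    for path, data in files.items():
        hits = scan(data, signatures)
        if hits:
            quarantined[path] = hits
        else:
            clean[path] = data
    return clean, quarantined


def build_samples() -> dict:
    """Constructed files: one benign, the known sample, and two 'new' variants."""
    # Variant 1: one padding byte flipped. The whole-file hash no longer
    # matches, but the plaintext payload is intact, so the byte signature fires.
    v1 = bytearray(KNOWN_SAMPLE)
    v1[8] ^= 0x01
    # Variant 2: payload XOR-obfuscated with a one-byte key (a real dropper
    # would decode it at run time). Neither signature sees anything it knows.
    v2 = HEADER + bytes(b ^ 0x5A for b in PAYLOAD)
    return {
        "report.docx": b"PK\x03\x04 quarterly figures (benign, constructed)",
        "setup.exe": KNOWN_SAMPLE,
        "setup_v1.exe": bytes(v1),
        "setup_v2.exe": v2,
    }


def demo():
    """Quarantine results before and after the vendor ships a new signature."""
    files = build_samples()
    _, before = sweep(files, SIGNATURES)
    # The update that eventually closes the gap: a signature keyed on the
    # obfuscated payload. Until it arrives, setup_v2.exe runs undetected.
    obfuscated = bytes(b ^ 0x5A for b in PAYLOAD)
    updated = SIGNATURES + [Signature("Constructed.Dropper.B", "bytes", obfuscated[:12])]
    _, after = sweep(files, updated)
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before update:", before)   # setup.exe and setup_v1.exe caught, setup_v2.exe missed
    print("after update: ", after)    # setup_v2.exe now caught as Constructed.Dropper.B
```

The hash signature is defeated by a single flipped byte; the byte-pattern signature survives that but not a one-byte XOR of the payload, and nothing catches the obfuscated copy until the database is updated. That interval is the window the paragraph above describes, and it is the reason the background argues that signature scanning alone cannot protect read-write storage.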